Information Disclosure Vulnerability in iTunes 12.11 for Windows Allows Unauthorized Access to Apple IDs

Information Disclosure Vulnerability in iTunes 12.11 for Windows Allows Unauthorized Access to Apple IDs

CVE-2020-27895 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. This issue is fixed in iTunes 12.11 for Windows. A malicious application may be able to access local users Apple IDs.

Learn more about our User Device Pen Test.